Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/faW_PPYk_4UD9_3RNfk7L7R4hKg.roa
File: faW_PPYk_4UD9_3RNfk7L7R4hKg.roa (raw, json)
Hash identifier: NsYb0FRDPoAtzYBgzGg3wYZizhwYw15oPV3lBi8uVeo=
Subject key identifier: 7D:A5:BF:3C:F6:24:FF:85:03:F7:FD:D1:35:F9:3B:2F:B4:78:84:A8
Certificate issuer: /CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Certificate serial: 0199C82788FB26CA9F8372F100C30D043F2F
Authority key identifier: 61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/faW_PPYk_4UD9_3RNfk7L7R4hKg.roa
Signing time: Thu 09 Oct 2025 08:47:38 +0000
ROA not before: Thu 09 Oct 2025 08:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211316
IP address blocks: 62.146.253.0/24 maxlen: 24
91.212.42.0/24 maxlen: 24
147.12.16.0/20 maxlen: 24
185.101.196.0/22 maxlen: 24
185.101.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c8:27:88:fb:26:ca:9f:83:72:f1:00:c3:0d:04:3f:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Validity
Not Before: Oct 9 08:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7da5bf3cf624ff8503f7fdd135f93b2fb47884a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:36:2b:18:28:a3:cf:30:7e:84:67:85:44:21:
e4:6b:52:d0:b1:15:6e:11:af:48:25:d3:e0:f4:5c:
f6:1d:54:b3:49:4b:cf:74:1b:93:52:4d:13:bc:8c:
85:fe:f7:f0:08:1a:ea:ea:a4:55:e8:9d:f3:76:bb:
5d:43:5e:92:68:8f:4f:0a:0f:cf:39:c0:b0:ae:5b:
94:82:a0:31:e6:ae:de:27:54:6c:93:e9:f9:11:f4:
ce:40:a7:11:2e:4d:db:0e:cd:4d:55:e1:e7:39:b6:
50:ba:43:eb:cd:57:4c:ee:dd:34:a2:d8:2e:88:74:
02:b9:37:c1:e1:91:01:8a:42:e7:22:0c:9a:84:e6:
f6:d8:92:f0:cd:e8:0b:04:5f:16:14:3b:bf:58:f2:
8b:f5:ef:0b:04:7d:bf:9c:e5:02:66:75:ac:80:52:
f0:ff:f2:7c:fb:66:75:b6:a3:f5:ca:8b:8c:9a:6d:
82:b6:76:d2:70:78:9a:5c:70:a9:e1:b1:2d:ad:2c:
c3:52:3d:80:ef:a2:b6:ed:4f:10:38:96:7f:24:d2:
96:50:85:e6:84:20:ad:62:2d:6f:40:17:99:62:2a:
20:73:eb:55:e4:e4:0a:fe:76:6f:39:46:97:f8:09:
4d:49:ff:0a:4c:7d:96:7e:8c:91:ad:9d:a5:b5:ff:
75:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:A5:BF:3C:F6:24:FF:85:03:F7:FD:D1:35:F9:3B:2F:B4:78:84:A8
X509v3 Authority Key Identifier:
keyid:61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/faW_PPYk_4UD9_3RNfk7L7R4hKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.146.253.0/24
91.212.42.0/24
147.12.16.0/20
185.101.196.0/22
Signature Algorithm: sha256WithRSAEncryption
28:3f:c5:44:40:9d:ad:4e:5e:bc:40:65:2e:91:bd:01:4c:0c:
aa:6f:ee:63:01:6c:f4:c4:56:ad:a1:f8:36:86:6f:79:ee:44:
fe:8b:18:2a:2e:8d:b1:46:9b:3d:bb:a2:1b:cc:e7:47:c3:4a:
9c:86:bd:13:e3:49:ef:d0:9d:a3:cd:85:62:3b:d4:49:b6:46:
39:15:f6:ab:7e:7e:7a:12:96:c7:df:c2:3f:2b:01:35:52:1d:
73:14:83:58:8e:4d:dc:e1:1f:5f:d3:80:db:07:ba:6c:2e:36:
b8:cb:a9:17:57:37:b1:8e:79:a5:a8:3c:0a:1f:74:b5:29:ee:
ad:ff:a9:5c:27:46:be:6a:71:77:26:dd:98:4b:a0:bc:ae:ca:
79:7a:7b:88:3b:49:11:82:0b:6e:a1:32:e3:5c:6d:4b:24:4f:
98:9c:7e:2c:0b:19:59:51:46:6c:84:53:61:47:2e:4d:e3:d7:
71:8d:f1:38:ed:11:7c:da:e8:eb:66:1b:46:7c:f9:62:0c:d9:
42:4d:00:f3:6c:75:c0:2f:a5:50:90:36:6b:bc:74:cd:11:eb:
9f:08:21:40:70:21:e8:b9:5b:ad:80:6c:39:ef:f9:25:2b:4b:
bb:43:30:be:ce:dc:e3:83:fd:5d:18:17:7b:ed:8b:91:e4:39:
09:bd:b1:8a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZnIJ4j7Jsqfg3LxAMMNBD8vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxN2NkOGQ0OGI1ZDE1NjY3YmYxMzEzOTZkNGE2YzU5ZDdk
MTY3YzAwHhcNMjUxMDA5MDg0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGE1YmYzY2Y2MjRmZjg1MDNmN2ZkZDEzNWY5M2IyZmI0Nzg4NGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+TYrGCijzzB+hGeFRCHka1LQsRVu
Ea9IJdPg9Fz2HVSzSUvPdBuTUk0TvIyF/vfwCBrq6qRV6J3zdrtdQ16SaI9PCg/P
OcCwrluUgqAx5q7eJ1Rsk+n5EfTOQKcRLk3bDs1NVeHnObZQukPrzVdM7t00otgu
iHQCuTfB4ZEBikLnIgyahOb22JLwzegLBF8WFDu/WPKL9e8LBH2/nOUCZnWsgFLw
//J8+2Z1tqP1youMmm2CtnbScHiaXHCp4bEtrSzDUj2A76K27U8QOJZ/JNKWUIXm
hCCtYi1vQBeZYiogc+tV5OQK/nZvOUaX+AlNSf8KTH2WfoyRrZ2ltf91UQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH2lvzz2JP+FA/f90TX5Oy+0eISoMB8GA1UdIwQY
MBaAFGF82NSLXRVme/ExOW1KbFnX0WfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEt
YmY2ZTk3ZGRkMDc5LzEvZmFXX1BQWWtfNFVEOV8zUk5mazdMN1I0aEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEtYmY2ZTk3ZGRkMDc5
LzEvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPpL9AwQA
W9QqAwQEkwwQAwQCuWXEMA0GCSqGSIb3DQEBCwUAA4IBAQAoP8VEQJ2tTl68QGUu
kb0BTAyqb+5jAWz0xFatofg2hm957kT+ixgqLo2xRps9u6IbzOdHw0qchr0T40nv
0J2jzYViO9RJtkY5Ffarfn56EpbH38I/KwE1Uh1zFINYjk3c4R9f04DbB7psLja4
y6kXVzexjnmlqDwKH3S1Ke6t/6lcJ0a+anF3Jt2YS6C8rsp5enuIO0kRggtuoTLj
XG1LJE+YnH4sCxlZUUZshFNhRy5N49dxjfE47RF82ujrZhtGfPliDNlCTQDzbHXA
L6VQkDZrvHTNEeufCCFAcCHouVutgGw57/klK0u7QzC+ztzjg/1dGBd77YuR5DkJ
vbGK
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:30:41 2025 by rpki-client